It looks like at one point in the past the regular expressions in the ruleset were edited to reduce their greed, which resulted in fewer recursive passes over the input. Might something like this be needed here, given recently added rules?
Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10 From: Colin MacAllister<mailto:cmacallis...@probono.net> Sent: Wednesday, April 27, 2016 12:43 PM To: OWASP List<mailto:owasp-modsecurity-core-rule-set@lists.owasp.org> Subject: Execution error - PCRE limits exceeded (-8) I've found references to this via Google searches, and the accepted answer seems to be to increase the PCRE limits to 150000. This seems unwise, since the limits must be there for a reason. Still, I tried it, but it didn't help. I'm receiving 19 errors of this type, all either concerning XSS or SQL injection, for one URI. The URI in question is in this form: /base.cfm?404;/admin/framework.com.page/area.27D92FDF-4048-6285-EDC3-78593415F962 (which has been heavily edited so as to not give away the farm.) Sent from Mail<https://go.microsoft.com/fwlink/?LinkId=550986> for Windows 10
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
